CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
CISA Flags Actively Exploited GeoServer XXE Flaw in Updated KEV Catalog
Dec 12, 2025Ravie LakshmananVulnerability / Server Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a high-severity security flaw impacting OSGeo GeoServer ...
-
Daily CyberSecurity
The IP Wall Falls: Disney Invests $1B in OpenAI to License 200+ Characters for AI
Long regarded as the “most formidable legal department in the Western Hemisphere,” Disney has historically guarded its intellectual property with near-impenetrable vigilance. Yet in the age of artific ...
-
Daily CyberSecurity
Farewell, Tabs: Google’s Experimental Disco Browser Generates Web Apps with AI
The race among artificial intelligence models has entered a fevered, white-hot phase—and AI-driven browsers have now gained a new contender. Google Labs has unveiled an experimental project called Dis ...
-
Daily CyberSecurity
React Patches Two New Flaws Risking Server-Crashing DoS and Source Code Disclosure
The security saga surrounding React Server Components continues this week. Just days after the React team patched a critical remote code execution (RCE) flaw, security researchers digging into those v ...
-
TheCyberThrone
GeoServer CVE-2025-58360 added to CISA KEV
Why this vulnerability mattersCVE-2025-58360 is a recently disclosed XML External Entity (XXE) vulnerability in OSGeo GeoServer that has now been added to the CISA Known Exploited Vulnerabilities (KEV ...
-
Daily CyberSecurity
Core Banking System Flaw: Apache Fineract IDOR Risks Authorization Bypass & Customer Data Access
A trio of security vulnerabilities has been disclosed in Apache Fineract, the open-source core banking system that powers digital financial services for the unbanked and underbanked worldwide. The fla ...
-
Daily CyberSecurity
New 01flip Ransomware Hits APAC Critical Infra: Cross-Platform Rust Weapon Uses Sliver C2
A ransom note | Image: Unit 42 A new and sophisticated ransomware player has entered the cybercrime arena, targeting critical infrastructure in the Asia-Pacific region with a custom-built, cross-platf ...
-
Daily CyberSecurity
CISA KEV Alert: GeoServer XXE Flaw Under Active Attack Risks Data Theft & Internal Network Scanning
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting the widely used OSGeo GeoServer software to its Known Exploited Vulnerabilities (KEV) Catalog. ...
-
CybersecurityNews
New Vulnerabilities in React Server Components Allow DoS Attacks and Source Code Leaks
Less than a week after addressing a critical Remote Code Execution (RCE) vulnerability, the React team has disclosed three additional security flaws affecting React Server Components (RSC). Security r ...
-
Daily CyberSecurity
CVE-2025-64188 (CVSS 9.8): Critical “Soledad” Theme Flaw Lets Subscribers Take Over WordPress Sites
A critical security vulnerability has been discovered in Soledad, one of the most popular general-purpose WordPress themes on the market with over 57,000 active sales. The flaw, which carries a near-m ...